Search Results (4570 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-63292 | 2 Free, Freebox | 16 Freebox Hd, Freebox Mini, Freebox One and 13 more | 2026-02-04 | 3.5 Low |
| Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM authentication over the `FreeWifi_secure` network. During the EAP-Response/Identity exchange, the subscriber's full Network Access Identifier (NAI), which embeds the raw IMSI, is transmitted without encryption, tunneling, or pseudonymization. An attacker located within Wi-Fi range (~100 meters) can passively capture these frames without requiring user interaction or elevated privileges. The disclosed IMSI enables device tracking, subscriber correlation, and long-term monitoring of user presence near any broadcasting Freebox device. The vendor acknowledged the vulnerability, and the `FreeWifi_secure` service is planned for full deactivation by 1 October 2025. | ||||
| CVE-2025-7397 | 1 Brocade | 1 Ascg | 2026-02-02 | 7.1 High |
| A vulnerability in the ascgshell of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface (CLI) in plain text within the command history. A local authenticated user can access sensitive information such as passwords within the CLI history, leading to unauthorized access and potential data breaches. | ||||
| CVE-2025-65098 | 1 Typebot | 1 Typebot | 2026-01-30 | 7.4 High |
| Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI keys, Google Sheets tokens, and SMTP passwords. The `/api/trpc/credentials.getCredentials` endpoint returns plaintext API keys without verifying credential ownership. Version 3.13.2 fixes the issue. | ||||
| CVE-2025-67159 | 1 Vatilon | 2 Pa4, Pa4 Firmware | 2026-01-30 | 7.5 High |
| Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext. | ||||
| CVE-2025-49183 | 1 Sick | 1 Media Server | 2026-01-29 | 7.5 High |
| All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files. | ||||
| CVE-2025-13053 | 1 Asustor | 2 Adm, Data Master | 2026-01-28 | 3.7 Low |
| When a user configures the NAS to retrieve UPS status or control the UPS, non-enforced TLS certificate verification can allow an attacker able to intercept network traffic between the client and server to perform a man-in-the-middle (MITM) attack, which may expose sensitive information about the UPS server configuration. This issue affects ADM: from 4.1.0 through 4.3.3.RKD2, from 5.0.0 through 5.1.0.RN42. | ||||
| CVE-2025-49194 | 1 Sick | 1 Media Server | 2026-01-26 | 7.5 High |
| The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed. | ||||
| CVE-2024-30406 | 2 Juniper, Juniper Networks | 13 Acx5448, Acx5448-d, Acx5448-m and 10 more | 2026-01-23 | 5.5 Medium |
| A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. This issue affects only Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO. This issue does not affect releases before 23.1R1-EVO. | ||||
| CVE-2025-64769 | 1 Aveva | 1 Process Optimization | 2026-01-22 | 7.1 High |
| The Process Optimization application suite leverages connection channels/protocols that by default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios. | ||||
| CVE-2019-25279 | 1 Iwt | 2 Facesentry Access Control System, Facesentry Access Control System Firmware | 2026-01-16 | 7.5 High |
| FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the device's SQLite database. Attackers can directly read sensitive login information stored in /faceGuard/database/FaceSentryWeb.sqlite without additional authentication. | ||||
| CVE-2025-63208 | 1 Bridgetech | 2 Vb288, Vb288 Firmware | 2026-01-15 | 7.5 High |
| An issue was discovered in bridgetech VB288 Objective QoE Content Extractor, firmware version 5.6.0-8, allowing attackers to gain sensitive information such as administrator passwords via the /probe/core/setup/passwd endpoint. | ||||
| CVE-2025-25613 | 1 Fs | 2 S3150-8t2f, S3150-8t2f Firmware | 2026-01-15 | 7.5 High |
| FS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 were discovered to transmit cookies for their web based administrative application containing usernames and passwords. These were transmitted in cleartext using simple base64 encoding during every POST request made to the server. | ||||
| CVE-2025-69272 | 3 Broadcom, Linux, Microsoft | 3 Dx Netops Spectrum, Linux Kernel, Windows | 2026-01-14 | 7.5 High |
| Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks. This issue affects DX NetOps Spectrum: 21.2.1 and earlier. | ||||
| CVE-2024-35282 | 1 Fortinet | 2 Forticlient, Forticlientios | 2026-01-14 | 3.9 Low |
| A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain cleartext passwords via keychain dump. | ||||
| CVE-2025-62578 | 2 Delta Electronics, Deltaww | 3 Dvp-12se, Dvp-12se, Dvp-12se Firmware | 2026-01-08 | 7.5 High |
| DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information | ||||
| CVE-2024-7259 | 2 Ovirt, Redhat | 3 Ovirt-engine, Rhev Hypervisor, Virtualization | 2026-01-08 | 4.9 Medium |
| A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext. | ||||
| CVE-2025-62330 | 2 Hcltech, Hcltechsw | 2 Devops Deploy, Hcl Devops Deploy | 2026-01-07 | 5.9 Medium |
| HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive monitoring or man-in-the-middle attacks. | ||||
| CVE-2025-65855 | 2 Netun, Netun Solutions | 3 Helpflash Iot, Helpflash Iot Firmware, Helpflash Iot | 2026-01-06 | 6.6 Medium |
| The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mode (8-second button press), create a malicious WiFi AP using the known credentials, and serve malicious firmware via unauthenticated HTTP to achieve arbitrary code execution on this safety-critical emergency signaling device. | ||||
| CVE-2025-65832 | 1 Meatmeet | 1 Meatmeet | 2026-01-06 | 4.6 Medium |
| The mobile application insecurely handles information stored within memory. By performing a memory dump on the application after a user has logged out and terminated it, Wi-Fi credentials sent during the pairing process, JWTs used for authentication, and other sensitive details can be retrieved. As a result, an attacker with physical access to the device of a victim can retrieve this information and gain unauthorized access to their home Wi-Fi network and Meatmeet account. | ||||
| CVE-2025-36154 | 1 Ibm | 1 Concert | 2025-12-30 | 6.2 Medium |
| IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker builds which could be obtained by a local user. | ||||